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(54) Label switched communications network 



(57) In a label switch communications network, a 
third level of label is employed in conjunction with a dy- 
namic multiplex constraint-based routed label switched 
path (CR-LSP) in order to achieve implicit switching at 
nodes within the network. Implicit switching occurs 
when a switching function takes place at a node without 



the need for any control function being required at that 
node. A three-layer label stack provided at the edge of 
the network achieves end-to-end connection oriented 
behaviour with guaranteed Quality of Service. The use 
of the three-layer label stack concentrates the control of 
the network to the two edges of the network and a single 
central switching stage of the network. 
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Description 

FIELD OF THE INVENTION 

[0001] This invention relates to arrangements and 
methods for the switching or routing of traffic in a com- 
munication network 

BACKGROUND OF THE INVENTION 

[0002] Traditionally, two types of legacy telecommu- 
nication networks have been developed. The first type 
of legacy network is connection oriented and is used for 
the transport of narrow band voice traffic, typically car- 
ried in TDM frames. Such networks comprise for exam- 
ple synchronous or plesiochronous networks. The sec- 
ond type of legacy network is connectionless in nature 
and is .used for the transport of broad band packet or 
cell-based data traffic. Such packet traffic includes for 
example Internet protocol (IP) traffic. There is currently 
a drive towards unified networks which provide end to 
end transport for both voice and data services, and to 
this end the use of asynchronous transport has been 
introduced. This of course introduces the problem of 
supporting different protocols over a common network. 
[0003] Asynchronous Transfer Mode (ATM) is the 
technology specified by the ITU-T as a broadband net- 
work technology suitable for all applications. For Inter- 
net protocol traffic however, ATM has proven to be less 
than fully effective at supporting Layer 3 routed applica- 
tions, such as routed virtual private networks. This has 
led the I RTF (Internet Research Task Force) to specify 
multi-protocol label switching (MPLS) as a technology 
which inherits the desirable characteristics of ATM but 
is better matched to the Internet protocol. In particular 
MPLS provides a frame merge function in which data 
frames received from multiple sources are captured and 
sent out with a common label. This is key to support of 
Internet protocol Layer 3 Routed services. Service pro- 
viders would ideally prefer a single network technology 
to support all of the services that they provide as this 
would achieve the lowest possible operational cost. 
[0004] A particular problem the introduction of a 
multi-service network is that of accommodating the var- 
ious transport protocols and, In particular, that of provid- 
ing end to end quality of service guarantees for high pri- 
ority traffic such as voice. In particular, there is a need 
to provide a network that can carry both data and voice 
traffic at a local, national and international level while 
utilising a common transport protocol. Afurther problem 
with such a network is that of real time management of 
the virtual public/private networks that are established 
within the network. At present, each VPN manager re- 
quires a detailed knowledge of the network topology. In 
a large network this is a very significant operational task. 



SUMMARY OF THE INVENTION 

[0005] An object of the invention is to minimise or to 
overcome the above disadvantages. 
5 [0006] According to a first aspect of the invention, 
there is provided a method of routing an information 
packet over a label switched path between first and sec- 
ond end stations in a virtual private network defined over 
a network arrangement comprising a hierarchical ar- 
10 rangement of first, second and third levels of routers, 
the method comprising attaching to the information 
packet at a network edge a sequence of first, second 
and third labels indicative of a corresponding concate- 
nated sequence of label switched path sections within 
15 the virtual private network, each said path section ex- 
tending between a pair of said routers. 
[0007] According to another aspect of the invention, 
there Is provided a communications multi-service net- 
work comprising; a plurality of nodes interconnected via 
20 quality of service capable tunnels and incorporating a 
frame-mode label switched (MPLS) architecture, 
wherein end-to-end communications having a predeter- 
mined quality of service are provided by defining at the 
network edge a label stack of first, second and third la- 
25 bels for delivering packets through a sequence of said 
tunnels defined by the label stack. 
[0008] According to a further aspect of the invention, 
there is provided a communications multi-service net- 
work incorporating a plurality of dynamic multiplex con- 
30 straint based label switched paths defining quality of 
service capable tunnels, each said path comprising a 
second layer constraint based label switched paths con- 
strained within two first-layer constraint based label 
switched paths. 
35 [0009] In our co-pending application serial number 
09/xxxx (11 B62IDMauger)the use of a two-layer MPLS 
network in order to simplify the management of Virtual 
Public/Private Networks (VPN) is described. In this ap- 
plication, the use of a three-label stack provides con- 
40 nection oriented behaviour for voice traffic whilst retain- 
ing strict edge control analogous to standard IP network 
operation. The use of a three layer, five stage hierarchi- 
cal network of routers enables the technique to be em- 
ployed over an international or global network. 
45 [0010] In a preferred embodiment, the invention pro- 
vides a system in which a five-stage switching network 
is configured to allow scaling to the largest sizes re- 
quired by any network operator for IP networking, Ses- 
sion Switched Multimedia, PSTN or any other service in 
so a Multiservice network architecture. 

[0011] In a preferred embodiment, the Common Open 
Policy Service (COPS) protocol is used to push MPLS 
Label Switched Paths (LSP) to establish a five-stage 
network and to establish end-to-end QoS capable con- 
55 nections. 

[0012] In a further embodiment of the invention, there 
is provided a multi-service communications network in- 
corporating at least one dynamic multiplex label 
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switched path comprising a second layer constraint- 
based routed label switched path multiplexed into two 
first-layer constraint-based routed label switched paths. 
[0013] The resource availability of the second-stage 
layer 1 CR-LSPs may be advertised periodically to the 5 
first-stage LSRs such that the resource availability may 
be utilised in DM-LSP path selection. 

Advantageously, the individual dynamic multiplex 
label switched paths (DM-LSPs) have no pre-de^ 10 
fined traffic contracts but instead are constrained by 
the traffic contracts of the first layer constraint- 
based routed label switched paths (CR-LSPs) in 
which they are contained. 

15 

[0014] In a preferred embodiment of the invention, we 
employ a three-layer label stack at the edge of the net- 
work in order to achieve end-to-end connection oriented 
behaviour with guaranteed quality of service. We have 
found that the use of the three-layer label stack is suffi- 20 
cient to minimise the control of the network to the two 
edges of the network and a single central switching 
stage of the network. In this manner the real-time control 
constraints placed on the second and fourth stages of 
the network are removed thus enabling these stages to 25 
scale to extremely large capacity. 
[0015] Advantageously, a virtual private/public net- 
work is defined with multiple stages of constraint-based 
routed label switched paths, 

[0016] MPLS has been defined by the IETF so as to 30 
be independent of the underlying transport mechanism. 
Mappings on to ATM have been defined as well as 
frame-mode networks using HDLC (High-level data link 
control) based or other forms of frame transport. 
[0017] MPLS includes the concept of stacked labels; 35 
this allows a network to operate at multiple layers. For 
instance a first label in the stack can relate to a traffic 
trunk. A switch which only swapped this first label would 
handle the traffic trunk transparently. A switch which 
popped the first label, swapped the second label and 40 
pushed a new first label would be switching a service 
instance between two traffic trunks. 
[0018] In our arrangement and method, a third level 
of label is employed in conjunction with a dynamic mul- 
tiplex constraint-based routed label switched path *s 
(CR-LSP) In orderto achieve implicit switching at certain 
nodes within a network. Implicit switching occurs when 
a switching function takes place at a node without the 
need for any control function being required at that node. 
Such an implicit switching function provides the advan- . so 
tages of simplifying the overall control architecture of the 
network and minimising the real-time processing re- 
quirements on those nodes that perform the implicit 
switching function. This enables very large scale nodes 
to be implemented while maintaining the flexibility of 55 
having switching points at those nodes. 
[001 9] Advantageously, a bandwidth allocation mech- 
■ anism is used to pre-altocate, on a predictive or as need- 



ed basis, capacity within the second-stage Layer 1 con- 
straint-based routed label switched paths such that dy- 
namic multiplexed label switched path selection is de- 
terministic 

[0020] Other aspects and features of the present in- 
vention will become apparent to those ordinarily skilled 
in the art upon review of the following description of spe- 
cific embodiments of the invention in conjunction with 
the accompanying figures 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0021] Preferred embodiments of the invention will 
now be described with reference to the accompanying 
drawings in which:- 

Figure 1 Is a schematic diagram of an exemplary 
virtual public/private network according to a pre- 
ferred embodiment of the invention; 

Figure 2 shows the construction of an abstract node 
employed in the network of figure 1 and illustrates 
the network construction in further detail; 

Figure 3 shows an exemplary Layer 1 management 
and bearer control architecture; 

Figure 4 illustrates a virtual public/private network 
information model; 

Figure 5 illustrates the concept of a Dynamic Multi- 
plex - Label Switched Path, 

Figure 6 illustrates a virtual public/private ^network 
controlled by a three-label stack according to a pre- 
ferred embodiment of the invention, 

Figure 7 illustrates the use of the COPS push mech- 
anism to establish MPLS paths. 

Figure 8 illustrates the label processing functions at 
each node of figure 6 

Figure 9 illustrates an embodiment of figure 6 dem- 
onstrating Its scalability to a large network, 

Figure 10 illustrates the control functions of figure 
6 to guarantee connection oriented behaviours of 
the end-to-end path. 

DESCRIPTION OF PREFERRED EMBODIMENTS 

[0022] Referring first to figure 1 , which is introduced 
for explanatory and comparative purposes, this figure 
illustrates in highly schematic form an exemplary virtual 
public/private network (VPN) deployed nationally or re- 
gionally in orderto provide session switched multimedia 
services on a territorial basis. The network comprises a 
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number of service nodes 1 1 , located at the mai n centres 
of population, inter-linked via a network of core nodes 
by quality-of -service (QoS) capable tunnels 12. The 
construction of the core network will be described below. 
In figure 1 , only one core node 1 8 is shown in the inter- 
ests of clarity, but it will of course be appreciated that 
the network will incorporate a plurality of core nodes. 
Access to the networkf rom user terminals 1 3 is provided 
via media gateways 14 each serving to one or more 
service nodes 11. Traffic is transported on constraint- 
based routed label switched paths (CR-LSP) 15 estab- 
lished between respective gateways. The network car- 
ries packet traffic, each packet 1 6 comprising a payload 
and first and second labels (Labell, Label2) indicative 
of the path over which the packet is to be routed. 
[0023] CR-LSPs (constraint-based routed label 
switched paths) are deployed between the service 
nodes 11 of the network. Services such as inter-active 
voice, requiring strict QoS guarantees are supported by 
end-to-end CR-LSPs 1 5 as illustrated in figure 1 . To take 
a simple example of QoS support, if all of the CR-LSPs 
at both traffic-trunk level and end-to-end are constant 
bit rate, then the performance of the end-to-end CR-LSP 
can be substantially equivalent to ATM-AAL1 (Asyn- 
chronous Transfer Mode Adaptation Layer One) assum- 
ing atypical 48-byte packetisation. 
[0024] The IETF has defined two protocols forthe es- 
tablishment of CR-LSPs. These protocols are 
RSVP-Traffic Engineering, and Constraint- routed Label 
Distribution Protocol. CR-LSPs (constraint-based rout- 
ed label switched paths) are point-to-point paths be- 
tween designated network nodes. Such paths are each 
assigned a traffic contract which, in suitable carrier 
strength implementations, will be policed for conform- 
ance. We prefer to employ the CR-LDP protocol, but it 
will be appreciated by those skilled in the art that the 
RSVP-TE protocol has equivalent functionality and can 
be used to serve the same purpose. Such a CR-LSP 
has an LSPID (label switched path identifier) which can 
be used to specify a hop in a CR-LDP request. In such 
a case the new CR-LSP will be multiplexed Into the 
specified CR-LSP and allocated a second level label. It 
is therefore possible to specify within the network of fig- 
ure 1 a virtual public/private network (VPN) with multiple 
stages of first level CR-LSPs and to provide end-to-end 
services having a CR-LSP traffic contract by multiplex- 
ing further CR-LSPs into a set of appropriate first level 
CR-LSPs. 

[0025] A feature of the constraint based routed label 
distribution protocol (CR-LDP) employed in the network 
of figure 1 is the use of an "abstract node" to define rout- 
ing constraints. An abstract node consists of a sub-net- 
work of real nodes (core nodes) over which the con- 
straint based routed label distribution protocol is allowed 
to select any available path to achieve a requested con- 
' nection. Thus in a path specified as (real node A - ab- 
stract node B - abstract node C real-node D) there may 
be multiple real nodes in each of the abstract nodes, 



and there may also be multiple trunks between the ab- 
stract nodes. This concept of abstract nodes simplifies 
the managers t of a VPN as the network manager only 
requires a vie - sf the network at the abstract node level 
5 and does not require detailed view of the construction 
or internal operation of an abstract node. . 
[0026] Referring now to figure 2, which is also intro- 
duced for explanatory and comparative purposes, this 
depicts in schematic form a portion of the network of fig- 
to ure 1 . Figure 2 is a representation of a simple network 
in its abstract node form, together with a possible real 
network realisation of one of the abstract nodes. 
[0027] The network represents groups of multiple 
service nodes (SN) 11 each arranged around a respec- 
15 tive abstract node (AN) 22 in each of four locations. One 
of the abstract nodes 22 is shown in detail to illustrate 
its construction from a sub-network of four core nodes 
(CN) 18 with multiple transport links 23 therebetween. 
In the network of figures 1 and 2, an abstract node is 
20 defined by an IP address prefix, and ail core nodes 
which include that prefix in their IP address are treated 
as part of that abstract node. It will of course be under- 
stood that an abstract node may be constructed from 
some other number of core nodes. Further, abstract 
25 nodes can have a temporary, semi-permanent or per- 
manent existence depending on the network require- 
ments. 

[0028] Constraint based routed label switched paths 
15 are deployed between service nodes 11 via the ap- 
30 propriate intervening abstract nodes 22. 

[0029] In the arrangement of figures 1 and 2, it is rel- 
atively simple for a management system controlling the 
real network to produce an abstract node version of its 
information model for use on a super-ordinate network 
35 manager. It is also relatively easy to produce a graphical 
representation of such a network and to specify traffic 
trunks by defining paths between service nodes and 
passing through abstract nodes. These graphical paths 
can then be used to automatically construct CR-LDP re- 
40 quests to establish the traffic trunks. CR-LDP can run 
on an existing constraint-based routed label switched 
path (CR-LSP) to renegotiate the traffic contract so that 
*the technique provides for near real-time creation of 
VPNs as well as flexible service level agreements which 
45 can be modified e.g. on a diurnal basis or on any basis 
which suits the customer traffic profile. 
[0030] A management and bearer control function for 
the Layer 1 physical network of figures 1 and 2 is illus- 
trated in figure 3. This figure shows by way of example 
so a simple network based on a group of core nodes 18, 
constituting an abstract node 22, and service nodes 11 . 
The real network has a management system based on 
a hierarchical structure of element managers 31 and 
(sub) network managers 32. The (sub) network manag- 
55 er 32 is responsible for constructing the abstract node 
information model representation of the network, which 
information is passed to a super-ordinate manager 33. 
A sub-ordinate manager 36 provides virtual switch man- 
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agement to perform fault, configuration, accounting, 
performance, and security management. The super-or- 
dinate manager 33 is used for defining VPNs and plac- 
ing traffic trunks to realise those VPNs. Thesuper-ordi- m 
nate manager also creates, modifies and deletes virtual 5 
switches! Traffic trunk requests are passed to bearer 
control Layer 1 (34) to initiate the CR-LDP process. This 
is the interface point for MPLS Layer 1 Bearer Control 
for which the common open policy service protocol 
(COPS) is preferred; 10 
[0031] The information model illustrated in figure 4 for 
the sub-network manager 32 is also simplified in that 
only the Layer 2 virtual switches (VS) 41 are visible. 
These virtual switches are configured with access ports 
42 to which users are connected and traffic trunks 43 '5 
configured end-to-end and provisioned with SLAs. 
[0032] Referring now to figure 5 the concept of a Dy- 
namic Multiplex Label Switch Path (DM-LSP) according 
to a preferred embodiment of the invention is 
illustrated. . in the exemplary network of figure 5, a hi- 20 
erarchica! three layer arrangement of local nodes 51a, 
regional nodes 51b and international nodes 51c is pro- 
vided, each node comprising a label switched router. 
Within the three-stage network of MPLS label switched 
routers (LSR) a mesh of Layer 1 label switched paths 25 
(LSPs) 55 is established. As described above, it is pos- 
sible to define the constraints for a new label switched 
path (LSP) in terms of existing LSPs in which case a 
Layer 2 LSP is established and a second level label de- 
fines the embedded CR-LSP. In the DM-LSP arrange- 30 
ment illustrated in figure 5, a third level label is defined 
which relates to one of a number of sessions which can 
be dynamically multiplexed onto the same label 
switched path (LSP). The DM-LSP 57 itself has no ex- 
plicit traffic contract, but is instead subject to the follow- 35 
ing constraint. A new session may be multiplexed onto 
the DM-LSP 57 if and only if the resource constraints of 
the first-stage and second-stage Layer 1 constraint- 
based routed label switched paths (CR-LSPs) are sat- 
isfied. The checking of these constraints can be per- 40 
formed in the first and third stage LSRs which have full 
visibility of the resources committed to the first-stage 
and second-stage Layer 1 LSPs respectively. The sec* *° 
ond-stage (central) LSRs 51 b perform an implicit switch- 
ing function in that sessions may be dynamically routed 45 
between first and third stage LSRs using any available 
Layerl CR-LSPs, but the second stage LSRs are not 
involved in the control process. This simplifies the over- 
all control architecture for the network, and minimises 
the real-time processing requirements on these second so 
(central) stage LSRs enabling them to scale significant- 
ly, yet still maintainsfull switch ing flexibility. FigureSalso 
illustrates a number of LSRs which are used to route the 
Layer 1 CR-LSPS. These are additional network stages 
that may be required for the traffic management of large 55 
numbers of VPNs. They need not be directly involved in 
the operation of the DM-LSPs. The establishment of a 
DM-LSP may be implemented in CR-LDP CR-LDP us- . 



ing the label request message to establish CR-LSPs. 
Within this message, notification that this is a DM-LSP 
may be signalled explicitly by defining a type length val- 
ue (TLV) field that conveys this information. Alternative- 
ly, an existingtrafficTLVmay be used by setting the traf- 
fic contract parameters (Peak Date Rate etc.) to null val- 
ues. On receipt of these null values, the receiver nodes 
are able to infer that, as no traffic contract is defined yet 
although the new CR-LSP is to be established within 
first-layer CR-LSPs with traffic contracts, then this re- 
quest must be for a DM-LSP. Those skilled in the art will 
recognise that similar mechanisms may also be defined 
for RSVP-TE. 

[0033] The ingress point to the DM-LSP (the first 
stage LSR 51 a) has no inherent visibility of the available 
resource within the second-stage Layer 1 LSP, and thus 
requests to establish new sessions upon the DM-LSP 
may be denied due to insufficient resource within the 
second stage (egress) Layer 1 ER-LSP. The probability 
of denial may be significantly reduced if the third-stage 
(egress) LSR periodically advertises the available re- 
sources (within the second stage Layer 1 LSR) to the 
first stage LSRs. This resource information enables the 
first stage LSRs to select DM-LSPs with a higher prob- 
ability of success. Alternately, the probability of denial 
may be eliminated substantially entirely by employing a 
mechanism whereby the second-stage Layer 1 CR-LSP 
bandwidth is pre-allocated to DM-LSPs according to 
current (and predicted future) needs. To implement this 
latter mechanism, the first stage LSR sends signalled 
requests to the relevant third-stage LSR asking for an 
additional allocation of bandwidth to a particular 
DM-LSP. This request will be granted provided band- 
width is available and the request meets the policy con- 
straints set by the network. An equivalent process is 
used to relinquish capacity when that capacity is no 
longer required. A simple bandwidth management func- 
tion implemented within the third stage (egress) LSR 
can be used to perform either of these two mechanisms. 
[0034] An exemplary five-stage virtual private/public 
network (VPN) with three-layer label control is illustrated 
in figure 6. The network comprises a hierarchical or lay- 
ered structure of local tandem routers 61 a, national tan- 
dem routers 61b and international tandem routers 61c. 
A super-ordinate manager 60 is responsible for config- 
uring one or more virtual private/public networks (VPN) 
within the network structure of figure 6. This VPN con- 
figuration is performed by defining the Layer 1 label 
switched paths (LSPs) in terms of service level agree- 
ments and constraints for their routing through the net- 
work. This information is formulated as a COPS com- 
mand which is pushed down to the label switched router 
(LSR) which forms the ingress of the requested CR-LSP. 
The super-ordinate manager60 pushes the COPS com- 
mands to an admission manager (AM) 64 disposed in 
media gateway controller 65 .which admission manager 
records resources available for use in service requests. 
The admission manager 64 then pushes the COPS 
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messages down to the LSRs where these messages are 
used to invoke RSVP-TE or CR-LDP sessions in order 
to establish the virtual private/public network (VPN) . The 
super-ordinate manager 60 then establishes a mesh of 
DM-LSPs (dynamic multiplex label switched paths) be- 
tween all of the local label switched routers (LSRs) and 
all of the National Tandem LSRs. In addition to the ad- 
mission manager function, simplified resource manag- 
ers uniquely associated to the third stage core LSRs 
(National Tandems) may be used to control the alloca- 
tion of layer 1 LSP bandwidth to the DM-LSPs in the 
manner described above. 

[0035] The above process establishes a network in 
which a CR-LSP between any two Local LSRs, can be 
specified by a pair of DM-LSPs. For a full mesh config- 
uration, there are as many alternative routes between 
each pair of Local LSRs as there are national tandem 
LSRs deployed In the network. When a media gateway 
controller wishes to establish a session with QoS (qual- 
ity of service) guarantees it requests its associated ad- 
mission manager. A session request may be initiated di- 
rectly by a session control protocol such as Q1901 or 
SIP, or the request maybe initiated as a result of inter- 
cepting an RSVP message. Communication between 
the media gateway controllers (MGC) uses a protocol 
which is able to tunnel connection control Information 
such as Q1901, SIP or RSVP. The connection control 
information which is tunnelled between media gateway 
controllers comprises a list of LSP-lDs. In the forward 
direction, this list contains a set of candidate DM-LSPs 
which are suitable to provide access from the first-stage 
to third-stage LSRs (Local to National Tandem). A can- 
didate DM-LSP is defined as a CR-LSP which the orig- 
inating AM believes may have available resource to ac- 
commodate the session request. 
[0036] In the reverse direction, the LSP-ID list com- 
prises a list of the two DM-LSPs that the far-end admis- 
sion manager has chosen for the session request. This 
list comprises one of the candidate DM-LSPs offered by 
the originating admission manager plus a DM-LSP that 
will provide the connection from the third to fifth stage 
LSR (National Tandem to Local). The scheme may be 
operated separately for each direction of transport or bi- 
directional operation may be chosen. The five-stage 
network is sufficient for long distance or global traffic. 
Fewer stages would be required for local services. 
[0037] Once a DM-LSP (dynamic multiplex label 
switched path) pair-set has been negotiated, the end- 
to-end connection is established by the originating me- 
dia gateway controller. This gateway controller uses e. 
g. H.248 to communicate with the originating media 
gateway and defines both the ingress logical port that 
connects the terminal to the media gateway together 
With a bearer package characterising a path across the 
network. This bearer package contains the first stage 
LSR IP address, the LSP-ID for the DM-LSP that con- 
nects the first to third stage LSRs, the LSP-ID for the 
DM-LSP that connects the third to fifth stage LSRs and 



the IP address of the terminating media gateway. This 
last address will either have been signalled as part of 
the normal inter-MGC call control signalling, or it could 
be tunnelled as part of the path negotiation process just 
5 described. The originating media gateway uses the 
bearer package to initiate an end-to-end CR-LDP label 
request message that establishes a path from media 
gateway to media gateway. In parallel, the terminating 
media gateway controller issues an H.248 command to 
10 connect this path to the logical port that connects the 
media gateway to the far-end terminal thus establishing 
the end-to-end session. The CR-LDP label request 
message will explicitly cause the bandwidth capacity 
control functions to be executed on the first, third and 
15 fifth stage LSRs (Local, National Tandem, Local). Thus 
the connection will be rejected if bandwidth is not cur- 
rently available. This eliminates the potential for race 
conditions or any inaccuracies In bandwidth control/ad- 
vertisement mechanisms. The QoS of existing sessions 
20 is always preserved. 

[0038] In the media gateway-initiated path reserva- 
tion mechanism described above, the media gateways 
are explicitly informed of the LSP-IDs used in the core 
network. If the media gateways are not fully trusted par- 
25 ties, then from a security perspective it would be advan- 
tageous to hide these core LSP-IDs from them and the 
following alternative reservation mechanism achieves 
this. 

[0039] In this alternative embodiment, a pool of LSPs 
30 is pre-established between the media gateways and the 
Local LSRs. This LSP pool is controlled by the super- 
ordinate manager as part of the initial VPN establish- 
ment. The admission managers are given visibility of 
these LSPs (through their LSP-IDs) and control over 
35 their allocation. Path-negotiation occurs as before to se- 
lect a pair of DM-LSPs but, once chosen, the end-to-end 
connection is reserved in the following manner. The 
originating MGC uses H.248 to create a connection be- 
tween the terminal and the first-stage LSR via one of the 
40 pre-configured LSPs that has been selected by the ad- 
mission manager and is identified by its LSP-ID. The 
media gateway controller then use COPS to push down 
the connection between thefirsfs'&ge LSR and the fifth 
stage LSR. The COPS push will thus contain the incom- 
45 mg LSP-ID (MG to Local) plus the LSP-IDs for the 
DM-LSP pair-set. The first-stage (Local) LSR uses 
CR-LDP to establish a path across the core-network to 
the fifth stage LSR. In parallel the terminating media 
gateway controller will have issued similar H.248 com- 
50 mands to the terminating media gateway and a COPS 
push to the fifth-stage LSR to enable the end-to-end 
connection to be completed. The terminating (fifth 
stage) LSR needs to be able to correlate the CR-LDP 
label request message with the COPS push message 
55 so that it is able to connect the path across the core net- 
work with the path to the terminating media gateway. 
This may be performed implicitly (i.e. the LSR knows 
that the next CR-LDP requestthatit receives from a giv- 
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en first-stage LSR correlates with the most recent COPS 
push message or explicitly (in that a unique matching 
identifier is contained in both COPS and CR-LDP mes- 
sage). The latter mechanism may be achieved in sev- 
eral ways. Our preferred method is to pre-allocate a set 5 
of third-layer LSP-IDs that are visible to the admission 
manager. During path negotiation the admission man- 
ager selects an unused third-layer LSP-ID and Includes 
this ID with the candidate DM-LSP LSP-ID. Once the 
path is negotiated, both COPS pushes contain this 
LSP-ID. The first-stage LSR uses this LSP-ID to identify 
the third-layer LSP-ID in the Label Request Message (it 
is the ingress LSRs role to specify a new LSP-ID for 
each new CRtLSP). The fifth stage LSR can then cor- 
relate this to the relevant COPS request. 
[0040] The process of COPS push allows the policy 
being applied to a particular controlled flow on an M PLS 
router to be asynchronously updated. That is, the MPLS 
router is told how to change the treatment it applies to 
the flow, without first asking to change it. This process 
is enabled by the use of ClientHandles to identify the 
flow. 

[0041 ] When the path for a new flow is received at an 
admission manager, a COPS Decision (DEC) message 
is pushed, that uses the ClientHandle associated with 
the outermost LSP. This naturally performs the selection 
of the first layer ER-LSP. Contained with In this DEC is 
the list of paths over which the flow is to be routed. This 
list will include the LSP-ID of the near-end dynamic mul- 
tiplex, the LSP-ID of the far-end dynamic multiplex and 
the LSP-ID of the connection from the far-end local 
switch to the destination media gateway. 
[0042] To enable the transfer of this Information, we . 
have defined a new COPS Specific Object. This is 
shown in figure 7. The object conforms to the existing 
COPS Specific Object pattern and has a CNum of 40 
and CType of 1 . The CNum is the identifierforthe object, 
and the CType is the instance of the object. The Object 
contains the list of LSP-IDs for the flow in the order in 
which they are to be used. Therefore LSP-ID 1 indicates 
the near-end dynamic multiplex and will be translated at 
the Local LSR into a two-tier label stack. Note that al- 
though the Clienthandle identifies the layer 1 tnrak, this 
trunk and the dynamic multiplex share the same LSP-ID 
space at the local router and therefore LSP-ID 1 can 
easily Identify the correct label stack, LSP-ID 2 will con- 
tain the LSP-ID of the second dynamic multiplex and 
LSP-ID 3 will contain the LSP-ID of the last hop from the 
far-end Local LSR to the MG. 

[0043] These next two values are the full 48-bit 
LSP-IDs. In order that these two values should be cop- 
ied in the same order into each packet in this flow as 
defined above, they must undergo suitable translation. 
As is illustrated in figure 10, each LSP-ID consists of a 
32-bit IP address and a 1 6-bit LSP number. . It is the 16 
bit LSP number that is of interest so each LSP-ID must 
have the IP' address removed and replaced with 4 lead- 
ing zeros. This makes use of the fact that inserting lead- 



ing zeros on a binary number leaves the value of that 
number the same i.e. 1101 =0000 1101. 
[0044] With this translation performed, the LSP-IDs 
are inserted in the same order as they occur in the 
COPS message : into the header of each packet in this 
flow at the Local LSR. That is, LSP-ID 3 should be the 
innermost of the labels. Once this is successfully com- 
pleted, a Report State (RPT) message is returned indi- 
cating that the new session has been successfully in- 
stalled. 

[0045] Once reservation is complete the session can 
begin. The originating media gateway performs the 
function of mapping incoming (IP) packets and append- 
ing a single label to these packets prior to forwarding to 
the first-stage LSR. The first-stage LSR terminates the 
label and uses this as an index to push a 3-label stack 
onto the payload. Thethree labels comprise: a third-lay- 
er session label a second-layer DM-LSP label (for rout- 
ing from first to third stage LSRs) and the first-layer la- 
bel. At the second-stage LSR (Local Tandem) the first- 
layer CR-LSP is terminated, the second-layer label is 
used to identify the correct second-stage Layer 1 
CR-LSP and its label pushed onto the label-stack. At the 
third-stage LSR (National Tandem) the second- layer 
DM-LSP is terminated, the third-layer label being used 
to index the corresponding Layer 1 and Layer 2 labels 
to forward the session to the next stage. The action at 
the fourth stage is analogous to the action at the second 
stage LSR. At the fifth stage LSR the layer 3 label is 
swapped for the corresponding label to forward the con- 
nection from the fifth stage LSR to terminating media 
gateway. The terminating media gateway terminates the 
MPLS stack and routes the packetto the terminating ter- 
minal. 4 
[0046] The label processing in each of the five nodes 
is illustrated in more detail in figure 8 which also shows 
how the optional use of penultimate hop popping can be 
used to improve bandwidth efficiency. Referring to figure 
8, the Local LSR receives a packet with the label as- 
signed to the MG-LSP A at configuration time. The pay- 
load is retrieved and three labels are pushed: Tunnel A 
Label/DM-LSP A Label/ Session Label. Assuming pe- 
nultimate hop popping, then the packet received by the 
local tandem node is headed by the DM-LSP A Label. 
As this Is the penultimate node for the DM-LSP A Its la- 
bel Is popped. The payload and remaining labels are 
then sent out on Tunnel B with Tunnel B Label. Again 
with penultimate hop popping the packet received by the 
national tandem is headed by the session label which is 
used to identify DM-LSP B and the label pair Tunnel C. 
These two labels are pushed above the session label. 
At the distant local tandem the DM-LSP B Label is rec- 
ognised as a penultimate hop for DM-LSP B and is 
popped. The payload and remaining labels are sent out 
on Tunnel D with Tunnel D Label. At the destination Lo- 
cal LSR the packet is headed by the session label which 
is consumed in identifying MG-LSP B and the packet is 
delivered to the media gateway with MG-LSP B Label 
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which was established when MG-LSP B was config- 
ured. 

[0047] By analogy with the PSTN five stages of 
switching appear to be necessary for QoS capable net- 
works leading to Local/Local-Tandern/National-Tan- 
dem/LocalTandem/Local routing for national services 
and Local/Local-Tandem/internationatTandenVLocal- 
Tandem/Local routing for international services. 
[0048] By way of example of the efficacy of the tech- 
niques described above, consider a carrier having 50 
million customers in the USA and a further 50 million 
customers in the rest of the world with 0.1 Erlang of ses- 
sion traffic per customer. Assume that typically 40% of 
traffic is long distance and 10% of traffic is International. 
The United States network could be organised with e.g. 
five hundred local nodes with typically 1 00,000 custom- 
ers each. The Local rTand ems could be disposed In e.g. 
fifty groups with two switches in each group dedicated 
to National and International traffic. Approximately one 
hundred national-tandems and twenty five international- 
tandems would be deployed throughoutthe world to pro- 
vide a global network. In this scheme the local nodes 
would typically support only 10,000 Erlangs and no tan- 
dem node would need to support more than 25,000 Er- 
lang of session traffic. These are trivial amounts of traffic 
by modern standards and this readily demonstrates the 
flexibility and efficacy of the five-stage network de- 
scribed herein. The connectivity of such a network is il- 
lustrated in figure 9, The nodes as illustrated are Virtual 
Nodes, a real physical switch could support a number 
of such Virtual Nodes. 

[0049] The overall control environment for five-stage 
MPLS networks is illustrated in figure 10. Each admis- 
sion manager associated with an media gateway con- 
troller maintains a regular dialogue with the DM-LSP 
control functions in the national and international tan- 
dems. On a routine basis, the admission manager in- 
forms the DM-LSP Control of its current utilisation of re- 
sources on a particular DM-LSP. This allows the 
DM-LSP Control to evaluate the resource utilisation on 
the hidden tunnel (i.e. egress from Local LSRto National 
Tandem or Ingress from National Tandem to Local) for 
this DM-LSP, and to offer an explicit allocation of re- 
sources to the admission manager for the next control 
interval. Assuming session holding times equivalent to 
current PSTN practice of about 120 seconds, then con- 
trol intervals of 10 or 20 seconds would be appropriate. 
Alternatively the previously described advertisement 
method could be used. 

[0050] When a session request arises then the AM on 
the originating side is able to select an MG-LSP A and 
to nominate candidate DM-LSPs Ax, Ay, Az which have 
sufficient allocated resource for the session (optionally 
it also identifies the LSP-ID that will be used to establish 
the new layer 3 CR-LSP). The terminating side admis- 
sion manager is now able to define the LSP-ID tuple for 
the connection by inspecting candidate DM-LSPs Bx, 
By, Bz. After selection, the admission manger offers 



MG-LSP A/DM-LSP A/DM-LSP B/MG-LSP B. This is 
then used by the admission manager to push the end- 
to-end connection. If the DM-LSP Control function is 
cautious in allocating resources to admission manag- 
5 ers, then the whole process is deterministicand the Lay- 
er 1 Tunnels need never be overloaded. The explicit 
path reservation mechanism deployed ensures that this 
is always the case. 
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Claims 



1. A method of routing an information packet over a 
label switched path between first and second end 
75 stations in a virtual private network defined over a 
communications network arrangement comprising 
a hierarchical arrangement of first, second and third 
levels of routers, the method comprising attaching 
to the information packet at a network edge a se- 
20 quence of first, second and third labels indicative of 
a corresponding concatenated sequence of label^ 
switched path sections within the virtual private net- 
work, each said path section extending between a 
pair of said routers. 

25 

2. A method as claimed in claim 1 , characterised in 
that each said virtual private network is defined by 
a network of quality of service capable tunnels each 
disposed between a respective pair of routers. 

30 

3. A method as claimed in claim 1 or 2, characterised 
in that said second level routers each perform an 
implicit switching function between the first level 
and third level routers. 

35 

4. A method as claimed in claim 1 , 2 or 3, character- 
ised in that said label switched path sections are 
incorporated in dynamic multiplexed label switched 
paths comprising first-stage and second-stage Lay- 

40 er 1 constraint-based routed label switched paths. 

5. A method as claimed in claim 4, characterised in 
that a new session*is°multiplexed onto a said dy- 
namic multiplexed label switched path only if the re- 

45 source constraints of the first-stage and second- 
stage constraint-based routed label switched paths 
are satisfied. 

6. A method as claimed in claim 5, characterised in 
so that the resource availability of the second-stage 

constraint-based routed label switched paths is ad- 
vertised periodically to the first-stage constraint- 
based routed label switched paths, and wherein the 
resource availability is used to determine path se- 
55 lection 

7. A method as claimed in claim 6, characterised in 
that the labels defining the sequence of tunnels are 
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assigned during tunnel establishment. 

8. A method as claimed in claim 7, characterised in 
that the labels defining the sequence of tunnels 
each identify a respective tunnel by means of a label 
switched path identifier. 

9. A method of routing information packets over a label 
switched path in a communications multi-service 
network comprising; a plurality of nodes intercon- 
nected via quality of service capable tunnels and 
incorporating a frame-mode label switched (MPLS) 
architecture, wherein end-to-end communications 
having a predetermined quality of service are pro- 
vided by defining at the network edge a label stack 

. of first, second and third labels for delivering pack- 
ets through a sequence of said tunnels defined by 
the label stack. 

10. A method as claimed in claim 9, characterised in 
that said tunnels are established as label switched 
path sections incorporated in dynamic multiplexed 
label switched paths comprising first-stage and sec- 
ond-stage Layer 1 constraint-based routed label 
switched paths. 

1 1 . A method as claimed in claim 1 0, characterised in 
that a new session is multiplexed onto a said dy- 
namic multiplexed label switched path only if the re- 
source constraints of the first-stage and second- 
stage constraint-based routed label switched paths 
are satisfied. 

12. A method as claimed in claim 11, characterised in 
that the resource availability of the second-stage 
constraint-based routed label switched paths is ad- 
vertised periodically to the first-stage constraint- 
based routed label switched paths, and wherein the 
resource availability is used to determine path se- 
lection 

13. A method as claimed in claim 12, characterised in 
that the labels defining the sequence of tunnels are 
assigned during tunnel establishment. 

1 4. A method as claimed in claim 13, characterised In 
that the labels defining the sequence of tunnels 
each identify a respective tunnel by means of a label 
switched path identifier. 

.1 5. A method as claimed in claim 14, characterised in 
that a session established on a said dynamic mul- 
tiplex constraint based label switched path is iden- 
tified by the third-layer label. 

16. A method as claimed in claim 15, characterised in 
that a bandwidth allocation mechanism is used to 
pre-allocate, on a predictive or as needed basis, ca- 



pacity within the second-stage Layer 1 constraint- 
based routed label switched paths such that dy- 
namic multiplexed label switched path selection is 
deterministic. 

5 

17. A communications multi-service network compris- 
ing; a plurality of nodes interconnected via quality 
of service capable tunnels and incorporating a 
frame-mode label switched (MPLS) architecture, 

10 wherein end-to-end communications having a pre- 
determined quality of service are provided by defin- 
ing at the network edge a label stack of first, second 
and third labels for delivering packets through a se- 
quence of said tunnels defined by the label stack. 

15 

18. A communications multi-service network incorpo- 
rating a plurality of dynamic multiplex constraint 
based label switched paths defining quality of serv- 
ice capable tunnels, each said path comprising a 

20 second layer constraint based label switched paths 
constrained within two first-layer constraint based 
label switched paths. 

19. A communications network as claimed in claim 1 8, 
25 characterised in that a said dynamic multiplex 

constraint based label switched path has no explicit 
traffic, contact but is constrained entirely by the of 
its first layer paths. 

30 20. A communications network as claimed in claim 18, 
characterised in that a new session is capable of 
being multiplexed onto a said dynamic multiplexed 
label switched path only if the resource constraints 
of the first-stage and second-stage constraint- 
35 based routed label switched paths are satisfied. 

21. A communications network as claimed in claim 20, 
characterised in that the resource availability of 
the second-stage constraint-based routed label 
40 switched paths is advertised periodically to the first- 
stage constraint-based routed label switched paths, 
and wherein the resource availability Is used to de- 
termine patlrs^lection 

« 22. A communications network as claimed in claim 21 , 
characterised In that the labels defining the se- 
quence of tunnels are assigned during tunnel es- 
tablishment. 

so 23. A communications network as claimed in claim 22, 
characterised in that the labels defining the se- 
quence of tunnels each identify a respective tunnel 
by means of a label switched path identifier. 

55 24. A communications network as claimed in claim 23, 
characterised in that a session established on a 
said dynamic multiplex constraint based label 
switched path is identified by the third-layer label. 



30 



35 



17 EP 1 187 405 A1 18 

25. A communications network as claimed in claim 24, 
characterised in that a bandwidth allocation 
mechanism is used to pre-ailocate, on a predictive 
or as needed basis, capacity within the second- 
stage Layer 1 constraint-based routed label s 
switched paths such that dynamic multiplexed label 
switched path selection is deterministic. 
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